github.com/lologarithm/mattermost-server@v5.3.2-0.20181002060438-c82a84ed765b+incompatible/services/httpservice/httpservice.go

github.com/lologarithm/mattermost-server@v5.3.2-0.20181002060438-c82a84ed765b+incompatible/services/httpservice/httpservice.go (about)

     1  // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  package httpservice
     5  
     6  import (
     7  	"net"
     8  	"net/http"
     9  	"strings"
    10  
    11  	"github.com/mattermost/mattermost-server/services/configservice"
    12  )
    13  
    14  // Wraps the functionality for creating a new http.Client to encapsulate that and allow it to be mocked when testing
    15  type HTTPService interface {
    16  	MakeClient(trustURLs bool) *http.Client
    17  	Close()
    18  }
    19  
    20  type HTTPServiceImpl struct {
    21  	configService configservice.ConfigService
    22  }
    23  
    24  func MakeHTTPService(configService configservice.ConfigService) HTTPService {
    25  	return &HTTPServiceImpl{configService}
    26  }
    27  
    28  func (h *HTTPServiceImpl) MakeClient(trustURLs bool) *http.Client {
    29  	insecure := h.configService.Config().ServiceSettings.EnableInsecureOutgoingConnections != nil && *h.configService.Config().ServiceSettings.EnableInsecureOutgoingConnections
    30  
    31  	if trustURLs {
    32  		return NewHTTPClient(insecure, nil, nil)
    33  	}
    34  
    35  	allowHost := func(host string) bool {
    36  		if h.configService.Config().ServiceSettings.AllowedUntrustedInternalConnections == nil {
    37  			return false
    38  		}
    39  		for _, allowed := range strings.Fields(*h.configService.Config().ServiceSettings.AllowedUntrustedInternalConnections) {
    40  			if host == allowed {
    41  				return true
    42  			}
    43  		}
    44  		return false
    45  	}
    46  
    47  	allowIP := func(ip net.IP) bool {
    48  		if !IsReservedIP(ip) {
    49  			return true
    50  		}
    51  		if h.configService.Config().ServiceSettings.AllowedUntrustedInternalConnections == nil {
    52  			return false
    53  		}
    54  		for _, allowed := range strings.Fields(*h.configService.Config().ServiceSettings.AllowedUntrustedInternalConnections) {
    55  			if _, ipRange, err := net.ParseCIDR(allowed); err == nil && ipRange.Contains(ip) {
    56  				return true
    57  			}
    58  		}
    59  		return false
    60  	}
    61  
    62  	return NewHTTPClient(insecure, allowHost, allowIP)
    63  }
    64  
    65  func (h *HTTPServiceImpl) Close() {
    66  	// Does nothing, but allows this to be overridden when mocking the service
    67  }